Language Selection

English French German Italian Portuguese Spanish

WireGuard Lands In Net-Next While It Waits For Inclusion In Linux 5.6

Filed under
Linux

The WireGuard secure VPN tunnel kernel code has landed in net-next! This means that -- barring any major issues coming to light that would lead to a revert -- WireGuard will finally reach the mainline kernel with the Linux 5.6 cycle kicking off in late January or early February!

Quick action overnight surprisingly saw WireGuard already land in net-next. It was just last night before sleeping that I wrote of the latest patch review for WireGuard and its prospects for Linux 5.6 after being just too late for Linux 5.5.

Read more

Also: WireGuard VPN is a step closer to mainstream adoption

At long last, WireGuard VPN is on its way into Linux

  • At long last, WireGuard VPN is on its way into Linux

    How much are people looking forward to WireGuard, the new in-kernel Linux virtual private network (VPN)? Well, Linus Torvalds said, "Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art."

    If that sounds like damning with faint praise, you don't know Torvalds. For him, this is high praise. WireGuard has now been committed to the mainline Linux kernel. While there are still tests to be made and hoops to be jumped through, it should be released in the next major Linux kernel release, 5.6, in the first or second quarter of 2020.

WireGuard VPN Is On Its Way To Linux

  • WireGuard VPN Is On Its Way To Linux

    WireGuard has now been committed to the mainline Linux kernel. "While there are still tests to be made and hoops to be jumped through, it should be released in the next major Linux kernel release, 5.6, in the first or second quarter of 2020," reports ZDNet

WireGuard VPN is a step closer to mainstream adoption

  • WireGuard VPN is a step closer to mainstream adoption

    As of this morning, Linux network stack maintainer David Miller has committed the WireGuard VPN project into the Linux "net-next" source tree. Miller maintains both net and net-next—the source trees governing the current implementation of the Linux kernel networking stack and the implementation of the next Linux kernel's networking stack, respectively.

    This is a major step forward for the WireGuard VPN project. Net-next gets pulled into the new Linux kernel during its two-week merge window, where it becomes net. With WireGuard already a part of net-next, this means that—barring unexpected issues—there should be a Linux kernel 5.6 release candidate with built-in WireGuard in early 2020. Mainline kernel inclusion of WireGuard should lead to significantly higher uptake in projects and organizations requiring virtual private network capability.

WireGuard VPN For Linux Is Finally Ready For Launch

  • WireGuard VPN For Linux Is Finally Ready For Launch

    For several years, developers have been working on WireGuard VPN for Linux and now it is finally ready to arrive on the platform.

    Linus Torvalds, the creator of Linux himself praised the new in-kernel Linux VPN, calling it a “work of art” in comparison to other VPNs such as OpenVPN and IPSec (referring to them as horrors).

Ubuntu 20.04 LTS Might Still End Up Shipping With WireGuard

  • Ubuntu 20.04 LTS Might Still End Up Shipping With WireGuard Support

    There are early discussions going on over the possibility of shipping WireGuard support in Ubuntu 20.04 LTS that could be done either using the existing DKMS kernel module or patching their Linux 5.5-based kernel with WireGuard now that the necessary crypto API changes made it into that release.

    Part of the unfortunate aspect of not having WireGuard merged for Linux 5.5 due to the timing of the merge window is that it unfortunately misses the mark for Ubuntu 20.04 LTS but is already in net-next for Linux 5.6. With Linux 5.5 being out in late January or early February, this will almost definitively be the kernel powering this next Ubuntu Long-Term Support release as Linux 5.6 would cut simply too close to the April launch date for the LTS distribution.

WireGuard to be merged with Linux net-next tree

  • WireGuard to be merged with Linux net-next tree and will be available by default in Linux 5.6

    On December 9, WireGuard announced that its secure VPN tunnel kernel code will soon be included in Linux net-next tree. This indicates, “WireGuard will finally reach the mainline kernel with the Linux 5.6 cycle kicking off in late January or early February!”, reports Phoronix.

    WireGuard is a layer 3 secure networking tunnel made specifically for the kernel, that aims to be much simpler and easier to audit than IPsec.

    On December 8, Jason Donenfeld, WireGuard’s lead developer sent out patches for the net-next v2 WireGuard. “David Miller has already pulled in WireGuard as the first new feature in net-next that is destined for Linux 5.6 now that the 5.5 merge window is over,” the email thread mentions.

    While WireGuard was initiated as a Linux project, its Windows, macOS, BSD, iOS, and Android versions are already available. The reason behind the delay for Linux was that Donenfeld disliked Linux’s built-in cryptographic subsystem citing its API is too complex and difficult.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

XFS - Online Filesystem Checking

Since Linux 4.17, I have been working on an online filesystem checking feature for XFS. As I mentioned in the previous update, the online fsck tool (named xfs_scrub) walks all internal filesystem metadata records. Each record is checked for obvious corruptions before being cross-referenced with all other metadata in the filesystem. If problems are found, they are reported to the system administrator through both xfs_scrub and the health reporting system. As of Linux 5.3 and xfsprogs 5.3, online checking is feature complete and has entered the stabilization and performance optimization stage. For the moment it remains tagged experimental, though it should be stable. We seek early adopters to try out this new functionality and give us feedback. Read more

Linux 5.5 RC7

  • Linux 5.5-rc7
    Well, things picked up at the end of the week, with half of my merges
    happening in the last two days.
    
    Whether that is the usual "send the weeks work to Linus on Friday", or
    a sign that things are just picking up in general after the holidays,
    I don't know.  If the former, I'll probably just release the final 5.5
    next week. But if it looks like there's pent-up fixes pending next
    week, I'll make another rc.
    
    Nothing in here looks particularly odd. Drivers is about half of the
    patch (networking, sound, gpio, gpu, scsi, usb, you name it), with the
    rest being the usual mix - arch, networking, filesystems, core
    kernel..  The diffstat looks mostly fairly nice and flat, with a
    couple of exceptions that look harmless (a few device tree file
    updates, some pure code movemment, and a couple of driver fixes that
    ended up changing calling conventions to get done and as a result got
    to be more lines than the bug otherwise would have merited).
    
    Please do test, there should be nothing scary going on.
    
                  Linus
    
  • Kernel prepatch 5.5-rc7

    The 5.5-rc7 kernel prepatch is out. Linus is still unsure whether the final 5.5 release will come out next week or not: "if it looks like there's pent-up fixes pending next week, I'll make another rc".

  • Linux 5.5-rc7 Kernel Released

    The seventh weekly release candidate to Linux 5.5 is now available for testing. Linus noted with Linux 5.5-rc7 there was a large uptick in patch volume at week's end. "Well, things picked up at the end of the week, with half of my merges happening in the last two days." Due to the recent holidays in large part, it's possible an eighth release candidate may be needed for Linux 5.5 before then releasing the kernel as stable on 2 February. However, in today's 5.5-rc7 announcement, Torvalds noted he may just end up releasing 5.5 stable next week. In any case, the release of Linux 5.5 is right on the horizon and this should be the kernel powering Ubuntu 20.04 LTS and other upcoming distribution releases.

GNU Make 4.3 Released!

The next stable version of GNU make, version 4.3, has been released and is available for download from https://ftp.gnu.org/gnu/make/ Please see the NEWS file that comes with the GNU make distribution for details on user-visible changes. Read more Also: GNU Make 4.3 Released With Performance Improvements, Newer GNU libc + Musl Support

Kernel: Zhaoxin, Arch Linux's Zen and WireGuard in Linux 5.6

  • Zhaoxin 7-Series x86 CPUs Mitigated For Spectre V2 + SWAPGS

    When it comes to the Zhaoxin x86-compatible processors coming out of VIA's joint venture in Shanghai, their forthcoming 7-series (KX-7000) has hardware mitigations in place for some CPU vulnerabilities. We haven't heard much about these Chinese x86 CPUs with regards to speculative execution vulnerabilities but it appears the pre-7-Series is vulnerable to Spectre Variant Two and at least SWAPGS. But with their 7-series, hardware mitigations appear to be in place.

  • Benchmarks Of Arch Linux's Zen Kernel Flavor

    Following the recent Linux kernel tests of Liquorix and other scheduler discussions (and more), some requests from premium supporters rolled in for seeing the performance of Arch Linux's Zen kernel package against the generic kernel. Here are those benchmark results. These are some benchmarks I recently did on the AMD Ryzen Threadripper 3970X while running EndeavourOS. Tests were done with its default Linux 5.4.8-arch1 kernel compared to the same kernel revision but using Arch's Zen kernel flavor. That is Arch's spin of the Zen-kernel patches (not to be confused with AMD Zen).

  • Intel's ConnMan Is Ready With WireGuard Support

    In addition to NetworkManager having good WireGuard support in advance of this secure VPN tunnel tech landing with the Linux 5.6 kernel, Intel's ConnMan software is also ready with supporting WireGuard. Intel's ConnMan hasn't seen a new tagged release in nearly one year but over the past two months in the Git development code WireGuard support has materialized. ConnMan, as a reminder, is the Intel-led effort for providing an Internet connection manager on Linux designed for embedded/mobile use-cases that dates back to their Moblin days.